Re: iptables; some IPs are getting through netmasks
Hello,
Mark Ford a écrit :
>
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> pests tcp -- 0.0.0.0/0 0.0.0.0/0
[...]
> Chain pests (1 references)
> target prot opt source destination
> DROP tcp -- 1.85.17.0/24 0.0.0.0/0
> DROP tcp -- 67.228.245.0/24 0.0.0.0/0
Please note that iptables -L does not print the complete rules. Consider
using iptables-save instead.
> It seems to work, except I find emails from certain IPs are
> still getting through, and it's always when I have set a /24 netmask.
>
> For example, in a recent email, the header was...
>
> Received: from mail10.mydailyflog.com ([67.228.245.121])
>
> ...even though I had the IP range 67.228.245.0/24 in my "pests"
> chain.
Are you sure that the mail was received directly from that address by
the host with the iptables rules, and was not relayed by another MTA ?
Reply to: